DOCSLIB.ORG

Mac OS X Malware Vulnerabilities (November 2008)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

1 Mac OS X Malware Vulnerabilities (November 2008) Michael Grebenyuk, Albert Sodyl, Byron Thiessen, Sijia Wang and read By the operating system loader for that oBject format. Abstract—Mac OS X is commonly known to be a secure Various oBject formats exist, such as ELF, PE/COFF, and operating system however this is a misconception. Mac OS X Mach­O. does have security flaws and a proof­of­concept virus was created The Mach­O (Mach Object) oBject format is used By by the authors to exploit universal binary files. This virus infects other binaries on the system and captures private user data, operating systems Based on the Mach kernel, such as emailing it to the attacker. There are several possible defence NeXTSTEP and Mac OS X. The Mach­O format provides strategies to defend against exploits such the one presented. These Both intermediate and final storage of the machine code and include prevention using stricter access control with sandboxing, data. Features for dynamic linking were later added on top of and detection by various methods such as signature detection, the statically linked executable code at runtime, resulting in a change detection, and activity scanning. single file format that is Both dynamic and statically linked. The Basic Mach­O file contains three major regions (Fig. 1). Index Terms—Computer security, computer viruses I. INTRODUCTION PPLE advertises their Mac OS X operating system as A Being very secure through their marketing campaigns. A quote from their website claims that it “delivers the highest level of security through the adoption of industry standards, open software development and wise architectural decisions. ComBined, this intelligent design prevents the swarms of viruses and spyware that plague PCs these days” [1]. As a result of this, and the lack of prevalent malware on the platform, many Macintosh users Believe that Mac OS X really is secure. Advertisements such as the popular Mac vs. PC commercials only contribute to the hype, even for non­ Macintosh users. Therefore, most are oBlivious to malware threats on Mac OS X. However, the security of Mac OS is a myth, as it has vulnerabilities just like other operating systems, and should exploits Become more common, it would Fig. 1. Mach­O file format Basic structure. The 3 main regions are header, significantly increase the risk of using a Mac OS X [2], [3]. load commands and sections. Each segment command has zero or more section commands associated with it. This project analyzes how effective the security of Mac OS X really is when it comes to malware, such as viruses and At the Beginning of every Mach­O file is a header spyware. By presenting a working exploit in the form of a mach_header that identifies the file as a Mach­O type using a Mac OS X virus that does alarmingly malicious actions, we magic numBer 0xfeedface. The header also contains hope to gain the attention of Mac OS X users and provide information such as the CPU type, file type, total size of the insight on how Mac OS X is just as vulnerable as other load commands and various other flags that will affect the operating systems, and present strategies for defending against interpretation of the rest of the file. The mach_header such threats. structure is as follows: struct mach_header { II. BINARY FORMATS uint32_t magic; cpu_type_t cputype; A. Mach­O Format cpu_subtype_t cpusubtype; Operating systems use various oBject formats to store uint32_t filetype; uint32_t ncmds; executable code and their libraries and associated metadata. uint32_t sizeofcmds; They act as Blueprints for mapping out processes images in uint32_t flags; }; memory. Object files are created By compilers or assemBlers 2 Common CPU types supported include PowerPC (0x12) fat_header structure is Big endian on Both architectures, thus and x86 (0x7). CPU suBtypes define specific models of forcing a Byte swap on Intel machines. The fat_header processors and are usually 0x0 for PowerPC and 0x3 for Intel structure also contains information such as the archive offset Binaries. which allows the loader to take the native Binary required for Following the header are a series of load commands that certain types of architecture and run it as if it was a single specify the layout and linkage characteristics of the file. Mach­O. Because the native code is Being run, it executes just struct load_command { as fast as a pure native Mach­O file. The only drawBack to this uint32_t cmd; is the universal binary’s size. As mentioned before, universal uint32_t cmdsize; Binaries are simply archives of two Mach­O files which }; generally are douBle in size of a single Mach­O. However, This structure specifies the initial layout of the file in virtual this drawback doesn’t affect the end user significantly since memory, the initial execution state of the main thread of the file storage sizes have grown an astounding amount. program as well as location of symBol tables and names of shared libraries. The most important load commands are III. INFECTING MAC OS X BINARIES LC_SEGMENT, LC_THREAD, and LC_UNIXTHREAD. In particular, LC_THREAD holds the initial state of the registers A. Concatenation Method when a thread starts, this load_command can Be used to Apart from utilizing specific Mach­O Binary features, a retrieve or modify the entry point of a thread. simple way of infecting Binaries is with the concatenation The third section of the Mach­O is the Data section which is method. This method works By concatenating two Mach­O divided into one or more segments each containing zero or executable oBjects together. When the result is executed, only more sections pointed to By an LC_SEGMENT load command the first Binary will “run”. To use this as an exploit, a Binary (Fig. 1). Each segment defines a region of virtual memory that needs to Be created that knows its own size and contains a the dynamic linker maps into and each section of a segment potentially harmful payload within. We will call this Binary contains code or data of a particular type. Such information the ‘parasite’. To infect a host binary, it simply inserts itself in includes symBol taBles and string tables. the Beginning of the host Binary. In other words, it B. Fat Binaries and Universal Binaries concatenates the host Binary with itself, the copies itself to the location of the host Binary, overwriting it. When the infected Multiple Mach­O files can Be comBined into a multi­ host Binary executes, the parasite must seek to the end of itself, architecture Binary. A Binary file as such is also called a fat copy the rest of the Binary, which is the host program, into a Binary due to the increased size of the file. Fat Binaries temporary file and execute it as a child process. Then it include machine code for multiple instruction set architectures executes whatever payload desired either Before, during, or (ISAs) and thus can Be run on multiple processor types. The after the host binary is run. [6] fat Binary was developed By NeXT for their NeXTSTEP Such a method is trivial to implement in Mac OS X Because operating system to allow Motorola 68k and Intel IA­32 Based most Binaries are writable and it is possible for a process to processors to run the operating system without making open a file descriptor to its own Binary. Contrast this with separate versions. After Apple purchased NeXT in 1996, fat Linux where /proc/pid/mem must Be used. The location of the Binaries continued to Be supported in Mac OS X, but it wasn’t temporary file does not matter for all But some Objective­C until Apple announced their transition to Intel processors in applications that use @executable_path where the temporary 2005 that they really took off. Fat Binaries are not actually Binary must reside in the same folder as it was originally in. Binary files themselves but rather an archive of Binaries. The arguments and environment must Be passed unmodified Every fat Binary starts with a structure fat_header similar to when executing the temporary file in a fork so the application that of a single Mach­O file which contains two unsigned has the illusion that its first argument (the location of the integers magic and nfat_arch. The magic numBer is similar to Binary), has not changed. that in a Mach­O file since it also identifies the file as a fat Binary archive. However, for a fat Binary the magic numBer B. Resource Fork Method used is 0xcafebabe. The second unsigned integer is used to Mac OS X file system uses HFS+, a replacement for define how many Mach­O Binaries are contained within the Apple’s Hierarchical File System(HFS). Each file on a HFS+ archive. In Mac OS X, fat Binaries are used to support file partition has two forks, data and resource. To access a optimized codes for multiple variants of an architecture such file’s resource fork, the command <filename>/rsrc or as 32­Bit and 64­Bit PowerPC generations. <filename>/..namedfork/rsrc is used. To use this for an Later, Apple promoted the use of fat Binaries through their exploit, one can copy the host Binary into the resource fork of transition from PowerPC to Intel’s x86 architecture, giving fat the parasite file. The parasite file is then copied over top of the Binaries the name “Universal Binary”. It is interesting to note original host Binary, replacing it. When the new Binary is that PowerPC is a Big endian (higher order Bytes stored at executed, it simply executes the payload section Before or after lowest address) architecture, and Intel uses little endian (lower executing its resource fork.
Recommended publications
  • File Naming Recommendations

    File Naming Recommendations

    File Naming Recommendations In a mixed platform world of Macintosh, Windows, and Unix computers, you must pay attention to how you name your file. On PCs, you usually append a three-letter file extension after the file name to tell the computer what program to launch when it is double-clicked. Programs on the PC do this automatically, but the same programs running on the Mac often do not. Things to avoid: 1.) Don't add extraneous punctuation to the file name. For example, don't use #. %, forward or back slashes, ampersands, and question marks or any other strange glyph. Stick mostly to letters and numbers. Dashes and underscores are OK. Good: my_file.jpg Bad: my/file.jpg 2.) Don't put more than one period in the file name. Use only one period at the end of the file name just before the three-letter suffix. Good: very_big_splash.jpg Bad: very.big.splash.jpg 3.) Don't omit the 3-letter suffix. Add the correct 3-letter suffix to the file name if none is created by the application program. ALL web browsers require a suffix to be able to tell a picture file from a text file, for example. Good: promopic.gif Bad: promopic.newone Bad: promopic 4.) Avoid spaces in filenames. High-speed Unix-based web servers dislike having spaces in the file name. Your pages and files with spaces in the name may work on a Mac or PC server, but if you ever migrate the files to a Unix server, you're in trouble. Most web designers use underscores in the file name to separate words for clarity.
  • Mac OS 8 Update

    Mac OS 8 Update

    K Service Source Mac OS 8 Update Known problems, Internet Access, and Installation Mac OS 8 Update Document Contents - 1 Document Contents • Introduction • About Mac OS 8 • About Internet Access What To Do First Additional Software Auto-Dial and Auto-Disconnect Settings TCP/IP Connection Options and Internet Access Length of Configuration Names Modem Scripts & Password Length Proxies and Other Internet Config Settings Web Browser Issues Troubleshooting • About Mac OS Runtime for Java Version 1.0.2 • About Mac OS Personal Web Sharing • Installing Mac OS 8 • Upgrading Workgroup Server 9650 & 7350 Software Mac OS 8 Update Introduction - 2 Introduction Mac OS 8 is the most significant update to the Macintosh operating system since 1984. The updated system gives users PowerPC-native multitasking, an efficient desktop with new pop-up windows and spring-loaded folders, and a fully integrated suite of Internet services. This document provides information about Mac OS 8 that supplements the information in the Mac OS installation manual. For a detailed description of Mac OS 8, useful tips for using the system, troubleshooting, late-breaking news, and links for online technical support, visit the Mac OS Info Center at http://ip.apple.com/infocenter. Or browse the Mac OS 8 topic in the Apple Technical Library at http:// tilsp1.info.apple.com. Mac OS 8 Update About Mac OS 8 - 3 About Mac OS 8 Read this section for information about known problems with the Mac OS 8 update and possible solutions. Known Problems and Compatibility Issues Apple Language Kits and Mac OS 8 Apple's Language Kits require an updater for full functionality with this version of the Mac OS.
  • Mac OS X Server Administrator's Guide

    Mac OS X Server Administrator's Guide

    034-9285.S4AdminPDF 6/27/02 2:07 PM Page 1 Mac OS X Server Administrator’s Guide K Apple Computer, Inc. © 2002 Apple Computer, Inc. All rights reserved. Under the copyright laws, this publication may not be copied, in whole or in part, without the written consent of Apple. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation. RealAudio is a trademark of Progressive Networks, Inc. © 1995–2001 The Apache Group. All rights reserved. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 062-9285/7-26-02 LL9285.Book Page 3 Tuesday, June 25, 2002 3:59 PM Contents Preface How to Use This Guide 39 What’s Included
  • Cygwin User's Guide

    Cygwin User's Guide

    Cygwin User’s Guide Cygwin User’s Guide ii Copyright © Cygwin authors Permission is granted to make and distribute verbatim copies of this documentation provided the copyright notice and this per- mission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this documentation under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this documentation into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the Free Software Foundation. Cygwin User’s Guide iii Contents 1 Cygwin Overview 1 1.1 What is it? . .1 1.2 Quick Start Guide for those more experienced with Windows . .1 1.3 Quick Start Guide for those more experienced with UNIX . .1 1.4 Are the Cygwin tools free software? . .2 1.5 A brief history of the Cygwin project . .2 1.6 Highlights of Cygwin Functionality . .3 1.6.1 Introduction . .3 1.6.2 Permissions and Security . .3 1.6.3 File Access . .3 1.6.4 Text Mode vs. Binary Mode . .4 1.6.5 ANSI C Library . .4 1.6.6 Process Creation . .5 1.6.6.1 Problems with process creation . .5 1.6.7 Signals . .6 1.6.8 Sockets . .6 1.6.9 Select . .7 1.7 What’s new and what changed in Cygwin . .7 1.7.1 What’s new and what changed in 3.2 .
  • Tinkertool System 7 Reference Manual Ii

    Tinkertool System 7 Reference Manual Ii

    Documentation 0642-1075/2 TinkerTool System 7 Reference Manual ii Version 7.5, August 24, 2021. US-English edition. MBS Documentation 0642-1075/2 © Copyright 2003 – 2021 by Marcel Bresink Software-Systeme Marcel Bresink Software-Systeme Ringstr. 21 56630 Kretz Germany All rights reserved. No part of this publication may be redistributed, translated in other languages, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written permission of the publisher. This publication may contain examples of data used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. This publication could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. The publisher may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Make sure that you are using the correct edition of the publication for the level of the product. The version number can be found at the top of this page. Apple, macOS, iCloud, and FireWire are registered trademarks of Apple Inc. Intel is a registered trademark of Intel Corporation. UNIX is a registered trademark of The Open Group. Broadcom is a registered trademark of Broadcom, Inc. Amazon Web Services is a registered trademark of Amazon.com, Inc.
  • Chapter 1. Origins of Mac OS X

    Chapter 1. Origins of Mac OS X

    1 Chapter 1. Origins of Mac OS X "Most ideas come from previous ideas." Alan Curtis Kay The Mac OS X operating system represents a rather successful coming together of paradigms, ideologies, and technologies that have often resisted each other in the past. A good example is the cordial relationship that exists between the command-line and graphical interfaces in Mac OS X. The system is a result of the trials and tribulations of Apple and NeXT, as well as their user and developer communities. Mac OS X exemplifies how a capable system can result from the direct or indirect efforts of corporations, academic and research communities, the Open Source and Free Software movements, and, of course, individuals. Apple has been around since 1976, and many accounts of its history have been told. If the story of Apple as a company is fascinating, so is the technical history of Apple's operating systems. In this chapter,[1] we will trace the history of Mac OS X, discussing several technologies whose confluence eventually led to the modern-day Apple operating system. [1] This book's accompanying web site (www.osxbook.com) provides a more detailed technical history of all of Apple's operating systems. 1 2 2 1 1.1. Apple's Quest for the[2] Operating System [2] Whereas the word "the" is used here to designate prominence and desirability, it is an interesting coincidence that "THE" was the name of a multiprogramming system described by Edsger W. Dijkstra in a 1968 paper. It was March 1988. The Macintosh had been around for four years.
  • Intel® Oneapi Programming Guide

    Intel® Oneapi Programming Guide

    Intel® oneAPI Programming Guide Intel Corporation www.intel.com Notices and Disclaimers Contents Notices and Disclaimers....................................................................... 5 Chapter 1: Introduction oneAPI Programming Model Overview ..........................................................7 Data Parallel C++ (DPC++)................................................................8 oneAPI Toolkit Distribution..................................................................9 About This Guide.......................................................................................9 Related Documentation ..............................................................................9 Chapter 2: oneAPI Programming Model Sample Program ..................................................................................... 10 Platform Model........................................................................................ 14 Execution Model ...................................................................................... 15 Memory Model ........................................................................................ 17 Memory Objects.............................................................................. 19 Accessors....................................................................................... 19 Synchronization .............................................................................. 20 Unified Shared Memory.................................................................... 20 Kernel Programming
  • Mac OS X: an Introduction for Support Providers

    Mac OS X: an Introduction for Support Providers

    Mac OS X: An Introduction for Support Providers Course Information Purpose of Course Mac OS X is the next-generation Macintosh operating system, utilizing a highly robust UNIX core with a brand new simplified user experience. It is the first successful attempt to provide a fully-functional graphical user experience in such an implementation without requiring the user to know or understand UNIX. This course is designed to provide a theoretical foundation for support providers seeking to provide user support for Mac OS X. It assumes the student has performed this role for Mac OS 9, and seeks to ground the student in Mac OS X using Mac OS 9 terms and concepts. Author: Robert Dorsett, manager, AppleCare Product Training & Readiness. Module Length: 2 hours Audience: Phone support, Apple Solutions Experts, Service Providers. Prerequisites: Experience supporting Mac OS 9 Course map: Operating Systems 101 Mac OS 9 and Cooperative Multitasking Mac OS X: Pre-emptive Multitasking and Protected Memory. Mac OS X: Symmetric Multiprocessing Components of Mac OS X The Layered Approach Darwin Core Services Graphics Services Application Environments Aqua Useful Mac OS X Jargon Bundles Frameworks Umbrella Frameworks Mac OS X Installation Initialization Options Installation Options Version 1.0 Copyright © 2001 by Apple Computer, Inc. All Rights Reserved. 1 Startup Keys Mac OS X Setup Assistant Mac OS 9 and Classic Standard Directory Names Quick Answers: Where do my __________ go? More Directory Names A Word on Paths Security UNIX and security Multiple user implementation Root Old Stuff in New Terms INITs in Mac OS X Fonts FKEYs Printing from Mac OS X Disk First Aid and Drive Setup Startup Items Mac OS 9 Control Panels and Functionality mapped to Mac OS X New Stuff to Check Out Review Questions Review Answers Further Reading Change history: 3/19/01: Removed comment about UFS volumes not being selectable by Startup Disk.
  • Mac OS for Quicktime Programmers

    Mac OS for Quicktime Programmers

    Mac OS For QuickTime Programmers Apple Computer, Inc. Technical Publications April, 1998 Apple Computer, Inc. Apple, the Apple logo, Mac, LIMITED WARRANTY ON MEDIA © 1998 Apple Computer, Inc. Macintosh, QuickDraw, and AND REPLACEMENT All rights reserved. QuickTime are trademarks of Apple ALL IMPLIED WARRANTIES ON THIS No part of this publication or the Computer, Inc., registered in the MANUAL, INCLUDING IMPLIED software described in it may be United States and other countries. WARRANTIES OF reproduced, stored in a retrieval The QuickTime logo is a trademark MERCHANTABILITY AND FITNESS system, or transmitted, in any form of Apple Computer, Inc. FOR A PARTICULAR PURPOSE, ARE or by any means, mechanical, Adobe, Acrobat, Photoshop, and LIMITED IN DURATION TO NINETY electronic, photocopying, recording, PostScript are trademarks of Adobe (90) DAYS FROM THE DATE OF or otherwise, without prior written Systems Incorporated or its DISTRIBUTION OF THIS PRODUCT. permission of Apple Computer, Inc., subsidiaries and may be registered in Even though Apple has reviewed this except in the normal use of the certain jurisdictions. manual, APPLE MAKES NO software or to make a backup copy Helvetica and Palatino are registered WARRANTY OR REPRESENTATION, of the software or documentation. trademarks of Linotype-Hell AG EITHER EXPRESS OR IMPLIED, WITH The same proprietary and copyright and/or its subsidiaries. RESPECT TO THIS MANUAL, ITS notices must be affixed to any ITC Zapf Dingbats is a registered QUALITY, ACCURACY, permitted copies as were affixed to trademark of International Typeface MERCHANTABILITY, OR FITNESS the original. This exception does not Corporation. FOR A PARTICULAR PURPOSE. AS A allow copies to be made for others, RESULT, THIS MANUAL IS Simultaneously published in the whether or not sold, but all of the DISTRIBUTED “AS IS,” AND YOU United States and Canada.
  • Pooch Manual In

    Pooch Manual In

    What’s New As of August 21, 2011, Pooch is updated to version 1.8.3 for use with OS X 10.7 “Lion”: Pooch users can renew their subscriptions today! Please see http://daugerresearch.com/pooch for more! On November 17, 2009, Pooch was updated to version 1.8: • Linux: Pooch can now cluster nodes running 64-bit Linux, combined with Mac • 64-bit: Major internal revisions for 64-bit, particularly updated data types and structures, for Mac OS X 10.6 "Snow Leopard" and 64-bit Linux • Sockets: Major revisions to internal networking to adapt to BSD Sockets, as recommended by Apple moving forward and required for Linux • POSIX Paths: Major revisions to internal file specification format in favor of POSIX paths, recommended by Apple moving forward and required for Linux • mDNS: Adapted usage of Bonjour service discovery to use Apple's Open Source mDNS library • Pooch Binary directory: Added Pooch binary directory support, making possible launching jobs using a remotely-compiled executable • Minor updates and fixes needed for Mac OS X 10.6 "Snow Leopard" Current Pooch users can renew their subscriptions today! Please see http://daugerresearch.com/pooch for more! On April 16, 2008, Pooch was updated to version 1.7.6: • Mac OS X 10.5 “Leopard” spurs updates in a variety of Pooch technologies: • Network Scan window • Preferences window • Keychain access • Launching via, detection of, and commands to the Terminal • Behind the Login window behavior • Other user interface and infrastructure adjustments • Open MPI support: • Complete MPI support using libraries
  • Carbon Copy Cloner Documentation: English

    Carbon Copy Cloner Documentation: English

    Carbon Copy Cloner Documentation: English Getting started with CCC System Requirements, Installing, Updating, and Uninstalling CCC CCC License, Registration, and Trial FAQs Trouble Applying Your Registration Information? Establishing an initial backup Preparing your backup disk for a backup of Mac OS X Restoring data from your backup What's new in CCC Features of CCC specific to Lion and greater Release History Carbon Copy Cloner's Transition to a Commercial Product: Frequently Asked Questions Credits Example backup scenarios I want to clone my entire hard drive to a new hard drive or a new machine I want to backup my important data to another Macintosh on my network I want to backup multiple machines or hard drives to the same hard drive I want my backup task to run automatically on a scheduled basis Backing up to/from network volumes and other non-HFS volumes I want to back up my whole Mac to a Time Capsule or other network volume I want to defragment my hard drive Backup and archiving settings Excluding files and folders from a backup task Protecting data that is already on your destination volume Managing previous versions of your files Automated maintenance of CCC archives Advanced Settings Some files and folders are automatically excluded from a backup task The Block-Level Copy Scheduling Backup Tasks Scheduling a task and basic settings Performing actions Before and After the backup task Deferring and skipping scheduled tasks Frequently asked questions about scheduled tasks Email and Growl notifications Backing Up to Disk Images
  • IM: F: Introduction to Files

    IM: F: Introduction to Files

    CHAPTER 1 Introduction to File Management 1 This chapter is a general introduction to file management on Macintosh computers. It explains the basic structure of Macintosh files and the hierarchical file system (HFS) used 1 with Macintosh computers, and it shows how you can use the services provided by the Introduction to File Management Standard File Package, the File Manager, the Finder, and other system software components to create, open, update, and close files. You should read this chapter if your application implements the commands typically found in an application’s File menu—except for printing commands and the Quit command, which are described elsewhere. This chapter describes how to ■ create a new file ■ open an existing file ■ close a file ■ save a document’s data in a file ■ save a document’s data in a file under a new name ■ revert to the last saved version of a file ■ create and read a preferences file Depending on the requirements of your application, you may be able to accomplish all your file-related operations by following the instructions given in this chapter. If your application has more specialized file management needs, you’ll need to read some or all of the remaining chapters in this book. This chapter assumes that your application is running in an environment in which the routines that accept file system specification records (defined by the FSSpec data type) are available. File system specification records, introduced in system software version 7.0, simplify the identification of objects in the file system. Your development environment may provide “glue” that allows you to call those routines in earlier system software versions.